Zero Trust Architecture: When Security Requires Authentication

Cyber threats are increasingly prevalent in today’s digital landscape, making cybersecurity a highly discussed skill. However, threats on the Internet constantly evolve. So, what cybersecurity approach can help mitigate these vulnerabilities? Asst. Prof. Dr. Songpon Teerakanok, a professor in Computer Science and Cybersecurity, introduces one such concept that could bolster security measures: Zero Trust Architecture (ZTA).

Asst. Prof. Dr. Songpon explains the Zero Trust Architecture concept as follows:

“Securing the Internet today is termed Perimeter-based Security, where clear boundaries are set, and only a few paths for network traffic are allowed. This allows us to monitor the security of this network traffic. However, there are many uncontrollable factors during the Bring Your Own Device (BYOD) period in a work-from-home setup. The traditional belief that all files within our computers are secure is not true.”

Once an attacker has compromised a single system, they can use it as a foothold to attack the victimized system further and to escalate the attack, causing significant damage. This technique is referred to as ‘Lateral Movement,’ where attackers spread from the first compromised host to other parts of the organization’s network, which the perimeter model implicitly trusts.

Given the aforementioned challenges, Zero Trust Architecture emerges as a new security paradigm. Instead of implicitly trusting traffic and users simply because they have already passed the perimeter filter, we must adopt the principle of ‘Never trust, always verify.’ The core principle of Zero Trust Architecture revolves around verifying everything, from operational principles to monitoring every data access. However, the implementation varies depending on each organization’s methods.
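To make ‘Never trust, always verify’ concrete, the following toy example (added here; not code from the article or the cited paper) contrasts a perimeter-style decision, which trusts any request that originates inside the network, with a Zero Trust decision that verifies identity, device posture and per-resource authorization on every request. All hosts, users, devices, tokens and policies are constructed for illustration.

```python
# Added illustration, not from the article or the cited paper.
# Contrasts perimeter-based trust with a per-request Zero Trust check.
# Every network, user, device and policy below is constructed.
import ipaddress
from typing import Optional

INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")  # constructed "inside" range

# Constructed least-privilege policy: resource -> identities allowed to reach it.
ACCESS_POLICY = {"hr-db": {"alice"}, "finance-share": {"bob"}}
# Constructed device inventory with compliance posture (the BYOD phone is unmanaged).
DEVICES = {
    "laptop-01": {"managed": True, "patched": True},
    "byod-phone": {"managed": False, "patched": True},
}
# Constructed authenticated sessions: token -> verified user.
SESSIONS = {"tok-alice": "alice", "tok-bob": "bob"}


def perimeter_decision(src_ip: str, resource: str) -> bool:
    """Perimeter model: anything already inside the network is trusted."""
    return ipaddress.ip_address(src_ip) in INTERNAL_NET


def zero_trust_decision(src_ip: str, token: Optional[str],
                        device_id: Optional[str], resource: str) -> bool:
    """Never trust, always verify: being inside the network carries no weight.
    Each request must present a verified identity, a compliant device and an
    explicit grant for the specific resource requested."""
    user = SESSIONS.get(token or "")
    if user is None:
        return False  # no verified identity
    posture = DEVICES.get(device_id or "")
    if not posture or not (posture["managed"] and posture["patched"]):
        return False  # device not verified as compliant
    return user in ACCESS_POLICY.get(resource, set())  # per-resource least privilege


def lateral_movement_check() -> dict:
    """A compromised internal host (no identity or device proof) tries another resource."""
    return {
        "perimeter_grants": perimeter_decision("10.1.2.3", "finance-share"),
        "zero_trust_grants": zero_trust_decision("10.1.2.3", None, None, "finance-share"),
        # Legitimate user on a managed device, asking for what she is entitled to.
        "alice_hr_db": zero_trust_decision("203.0.113.7", "tok-alice", "laptop-01", "hr-db"),
        # Same user on an unmanaged BYOD device is refused, even from inside.
        "alice_byod": zero_trust_decision("10.1.2.3", "tok-alice", "byod-phone", "hr-db"),
        # Verified identity and device, but no grant for this resource.
        "alice_finance": zero_trust_decision("203.0.113.7", "tok-alice", "laptop-01", "finance-share"),
    }
```

The perimeter check grants the compromised host access purely by source address, whereas the Zero Trust check refuses it and also refuses a genuine user on a non-compliant device or for a resource she has no grant for.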

Asst. Prof. Dr. Songpon, who has a keen interest in Zero Trust Architecture and supervised a related project, extended this concept into a research study titled ‘A Comprehensive Framework for Migrating to Zero Trust Architecture.’ This research, conducted by Ms. Pacharee Phiayura, an alumna of the M.Sc. in Cyber Security and Information Assurance program, under Asst. Prof. Dr. Songpon’s supervision, explores how organizations can transition their security systems to Zero Trust Architecture and identifies critical considerations for this migration.

Organizations should design their transition processes carefully to ensure they meet their needs and have a clear understanding of the most effective migration process. Asst. Prof. Dr. Songpon explains that the Migration Framework consists of two main phases: Planning, Development, and Testing; and Deployment and Operation.

“The initial phase, Planning, Development, and Testing (depicted in blue), involves strategizing what needs protection within the organization, whether it’s devices or software. We then engage in discussions with management teams regarding these changes. This phase involves designing a system that aligns with the requirements of Zero Trust Architecture. It determines what we need, whether to purchase new equipment or technology like Firewalls, IPS (Intrusion Prevention Systems), and how they will be interconnected. This step involves designing and may require adjustments after testing. We might start by experimenting with low-impact business processes within the organization to learn and adapt before moving on to Critical Mission.”

“Following is the Deployment and Operation phase (depicted in yellow), which includes Zero Trust Transformation. This phase involves implementing the new security system throughout the organization. We need to assess whether the changes are effective and continue monitoring and maintaining the system. If improvements are needed, we refine based on feedback, collecting data for future migrations. However, each organization has unique assets to protect. For instance, an organization with employees working solely in an office environment faces different challenges compared to one with employees traveling nationwide, requiring remote access from various locations like coffee shops. Therefore, the solutions are different.”

Furthermore, Asst. Prof. Dr. Songpon shared insights into the challenges encountered during this study:

“One significant challenge is designing the framework. We synthesized findings from various studies into this framework. However, determining the framework’s effectiveness without real-world testing remains a challenge. At present, transitioning to Zero Trust Architecture incurs substantial costs for organizations. While it may not generate revenue, it prevents financial losses due to cyber threats.”

Finally, Asst. Prof. Dr. Songpon expressed concerns about the current understanding of Zero Trust Architecture:

“Many vendors and service providers are now offering Zero Trust Architecture-related products, such as Cisco and other tech giants. However, one common pitfall for organizations is the lack of clarity regarding their needs and what they want to protect. Merely labeling something as Zero Trust Architecture doesn’t guarantee comprehensive protection. Therefore, organizations must not blindly allocate budgets for these products but instead ensure they align with their specific requirements.”

For more details and to access the published work: https://ieeexplore.ieee.org/document/10052642